Browser-Based Threat Report: Oct. 2

Browser-Based Threat Report

Week of October 2nd, 2023

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

In today’s digital landscape, threats to online security are ever-evolving, and staying one step ahead of malicious actors is essential. ConcealBrowse is your trusted partner in the battle against cyber threats. Our advanced threat detection and prevention system uncovered a severe security risk on September 20th, 2023, and we have been at the forefront of safeguarding the online experience ever since.

The following report highlights recently detected sites that were deemed suspicious:

This web page was detected by ConcealBrowse on September 20th, 2023; it was first submitted to various CTI feeds on March 20th, 2023. The page was recently submitted for analysis on September 21st, 2023, indicating that the page is continuously compromised to serve malicious content.

The compromised site was conducting drive-by downloads via embedded JavaScript files, delivering an HTML file with a SHA-256 of 0d3e98ca727fc1201b436170af5a63f23348aaf146a3ac6234f6c4da283e8b34.

Using MITRE ATT&CK techniques for defense evasion (process injection) and command and control (ingress tool transfer), the adversary can deliver the suspected credential-harvesting HTML file and export the user-supplied credentials.

_____________

This web page was detected by ConcealBrowse on September 29th, 2023, with it first being submitted to CTI feeds on December 29th, 2015. The page was most recently submitted on September 23rd, 2023, due to its continued nefarious activities. The page contains a redirect to hxxp://survey-smiles[.]com that is delivering an HTML file with the SHA-256 of 10dbbd006c5099d6e4f1302ffb0bd95885c0b4caf4107de725b73c08bdb8a39d.

Upon further analysis of the original URL, it was identified to be a referred URL inside the strings of the njRAT-master trojan (SHA-256: c6c2f7f109ce90b2874266c2dfea905bdca745dfac3922d674922de476109d30).

Finally, the hosting IP address has been reportedly communicating with various Win32 EXE files that are redirecting victims to a spoofed PayPal page, reinstalling adware, and delivering trojans amongst other malicious activities. Other URLs hosted on the same IP address are currently delivering malicious payloads and are actively phishing.

_____________

This currently active page was detected by ConcealBrowse on September 28th, 2023 with it first being submitted to various CTI feeds later that same day. When the page is loaded, it leads victims to a spoofed Microsoft login page that entices users to divulge their credentials. Fortunately, ConcealBrowse detected the page and not only sent it to isolation, but also prevented the user from entering in their password, as seen below.

_____________

Valuable Outcomes

ConcealBrowse offers comprehensive protection against a myriad of sophisticated cyber threats, as exemplified in recent threat reports. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to navigate the digital landscape with confidence, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community that’s committed to safeguarding your digital world.

Join us today, and together, let’s make the internet a safer place.

Conceal and CyberForce Security Announce Strategic Partnership: Amplifying MSSP Services with Advanced Browser Security

Conceal and CyberForce Security join forces to elevate MSSP services with elite browser security, setting new industry standards.

September 28, 2023, 10:21 AM Eastern Daylight Time

AUGUSTA, GA –(BUSINESS WIRE)– Conceal, a pioneer in web security innovation, is excited to announce its strategic alliance with CyberForce Security, a leader in cybersecurity products and services. This collaboration is set to enhance CyberForce’s already comprehensive technology suite by including ConcealBrowse’s elite browser security.

“We are thrilled to integrate with CyberForce Security, a powerhouse known for its value-driven approach and deep commitment to offering the finest cybersecurity solutions in the industry. By incorporating ConcealBrowse into their portfolio, we’re collectively raising the bar in web protection for MSPs of all sizes,” commented Gordon Lawson, CEO of Conceal.

Miles Dunbar, COO of CyberForce Security, stated, “At CyberForce, our ethos revolves around understanding our partners and clients, both technically and business-wise. By integrating with Conceal’s browser security, we’re amplifying our promise of delivering only the best-of-breed solutions. This collaboration embodies our dedication to staying at the forefront of cybersecurity innovation.”

This partnership aligns perfectly with CyberForce Security’s mission of hand-picking elite cybersecurity products and ensuring every business, from start-ups to established giants, has access to top-tier protective solutions. As both companies champion a customer-centric approach, their synergistic endeavor promises to set new benchmarks in MSSP offerings.

For Managed Service Providers seeking to fortify their security offerings, we invite you to join the Conceal MSP Community, where the focus is protection where it truly counts: at the browser. As part of our community, you’ll gain complimentary access to NFR licenses of ConcealBrowse. With effortless deployment and user-friendly interfaces, it integrates seamlessly into existing security infrastructures and stands robustly as a standalone solution, offering you unparalleled ease and flexibility. More so, built-in multi-tenancy and monthly billing features open avenues for revenue growth, allowing easy downstream deployment to your clients. Don’t miss this opportunity to enhance your security toolkit and grow your practice. Click here to sign up and become a part of the Conceal MSP Community, harnessing advanced browser protection for you and your clients today!

About Conceal

Conceal is at the forefront of defending against web-based attacks, using innovative technology to detect, prevent, and shield businesses and individual users from ever-evolving online threats.

ConcealBrowse operates on the principle of proactive protection. Its AI-powered intelligence engine, ConcealSherpa, runs at machine speed with virtually zero latency to identify potentially harmful webpages autonomously, stopping cyber attacks that take advantage of weaponized links. For more information, visit https://conceal.io/.

Source: https://www.businesswire.com/news/home/20230928919018/en/Conceal-and-CyberForce-Security-Announce-Strategic-Partnership-Amplifying-MSSP-Services-with-Advanced-Browser-Security

Securing the Digital Edge: The Case for Browser-Centric Cybersecurity

Securing the Digital Edge: The Case for Browser Security

Endpoint Detection and Response (EDR) systems have long been a mainstay of cybersecurity strategy, providing invaluable detection, response, and threat-hunting capabilities. However, as more work moves online and the web browser emerges as a new battleground for cybersecurity, the limitations of EDR solutions are becoming apparent.

ConcealBrowse: A Communications Company’s First Line of Defense

Investing in the Future: ConcealBrowse and the Communications Giant

In an era where every click could lead to a potential security breach, a prominent communications company took a proactive approach. Recognizing the ever-growing spectrum of cyber threats, the company invested in ConcealBrowse. This cybersecurity solution would soon prove its worth in an unexpected way.

The Threat Unearthed: Proximity and IOCs

ConcealBrowse stumbled upon a domain which was flagged on one of the company’s endpoints. But why was this particular domain flagged?

The answer lies in the analysis. Even though there were no direct signs pointing towards the domain being malicious, it was found in proximity to other known malevolent infrastructures. A deeper dive showed that this site shared ad tracking IDs with several malicious sites. Furthermore, there were instances where malware had referred to this site.

The Power of Proximity in Analysis

But what does proximity really mean in the cybersecurity world? Conceal’s Proximity metric provides an answer. It gauges the risk posed by a website linked to infrastructures that have been associated with malicious activities. In this instance, given that the IP address associated with the suspicious domain had been used for a significant number of malicious sites, its proximity risk was deemed high.
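
One way to reason about the proximity signals described above (shared hosting IP, shared ad tracking IDs, references from malware), as an added example that is not Conceal's Proximity metric or code. The weights, thresholds, domains, IPs and tracker IDs are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Site:
    domain: str
    ip: str
    tracker_ids: frozenset
    malicious: bool = False  # already on a blocklist / CTI feed

# Constructed observations: reserved .example domains, documentation IPs, made-up tracker IDs.
SITES = [
    Site("news-portal.example", "203.0.113.10", frozenset({"UA-1111-1"})),
    Site("bad-login.example", "203.0.113.10", frozenset({"UA-2222-1"}), True),
    Site("bad-update.example", "203.0.113.10", frozenset({"UA-1111-1"}), True),
    Site("bad-prize.example", "198.51.100.7", frozenset({"UA-1111-1", "UA-3333-1"}), True),
    Site("clean-blog.example", "198.51.100.7", frozenset({"UA-4444-1"})),
    Site("clean-shop.example", "192.0.2.55", frozenset({"UA-5555-1"})),
]
# Constructed: domain -> number of malware samples whose strings reference it.
MALWARE_REFS = {"news-portal.example": 2}

# Assumed weights and threshold, chosen only for this illustration.
WEIGHTS = {"shared_ip": 0.4, "shared_tracker": 0.4, "malware_ref": 0.2}
TRACKER_SATURATION = 3   # this many malicious tracker peers maxes out the signal
ISOLATE_AT = 0.6

def proximity(domain, sites=SITES, malware_refs=MALWARE_REFS):
    """Return (score in [0, 1], evidence) for a domain with no direct malicious verdict."""
    target = next(s for s in sites if s.domain == domain)
    others = [s for s in sites if s.domain != domain]

    # Signal 1: share of the other domains on the same IP that are known malicious.
    co_hosted = [s for s in others if s.ip == target.ip]
    bad_hosts = sorted(s.domain for s in co_hosted if s.malicious)
    ip_signal = len(bad_hosts) / len(co_hosted) if co_hosted else 0.0

    # Signal 2: known-malicious domains reusing one of the target's ad tracking IDs.
    bad_peers = sorted(s.domain for s in others
                       if s.malicious and s.tracker_ids & target.tracker_ids)
    tracker_signal = min(len(bad_peers) / TRACKER_SATURATION, 1.0)

    # Signal 3: the domain appears inside known malware samples.
    ref_signal = 1.0 if malware_refs.get(domain, 0) else 0.0

    score = (WEIGHTS["shared_ip"] * ip_signal
             + WEIGHTS["shared_tracker"] * tracker_signal
             + WEIGHTS["malware_ref"] * ref_signal)
    evidence = {"malicious_on_same_ip": bad_hosts,
                "malicious_sharing_tracker": bad_peers,
                "malware_samples_referencing": malware_refs.get(domain, 0)}
    return round(score, 2), evidence

def verdict(domain):
    """Isolate rather than block when proximity is high, as the case study describes."""
    score, _ = proximity(domain)
    return "isolate" if score >= ISOLATE_AT else "allow"

if __name__ == "__main__":
    for site in SITES:
        if not site.malicious:
            print(site.domain, *proximity(site.domain), verdict(site.domain))
```

Shared hosting alone (clean-blog.example) yields a moderate score here, which is why the evidence is returned alongside the number: an analyst can see which signal drove the verdict.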

Isolation: The Knight in Shining Armor

This is where ConcealBrowse’s brilliance truly shone. Instead of blocking access to the domain, the tool took a user-centric approach. It isolated the site, permitting users to view it within a secure, contained environment. Any potential threat on the website would not have a direct pathway to the user’s device, ensuring safety without hampering user experience.

The Verdict: Safeguarding While Ensuring Access

The isolation of the suspicious domain stands as a testament to the efficiency and effectiveness of ConcealBrowse. This incident highlighted how the communications company could continue to give its users access to potentially risky domains without compromising on security.

In conclusion, the decision to invest in ConcealBrowse offered the communications company not just a robust line of defense against cyber threats but also the ability to navigate the digital world with confidence and ease. As the cyber realm continues to evolve, having such proactive tools becomes not just beneficial, but essential.

Conceal Announces Innovative Collaboration with Hyprfire: Augmenting Network Defenses with Cutting-edge Browser Security

Conceal, a global leader in online threat defense, joins forces with Hyprfire, an Australian active threat-hunting and network defense pioneer.

September 13, 2023, 10:00 AM Eastern Daylight Time

AUGUSTA, GA –(BUSINESS WIRE)–Conceal, a global vanguard against online threats, today proudly unveils its strategic partnership with Hyprfire, an Australian front-runner in active threat hunting and network defense. This collaboration introduces an amplified enhancement to Hyprfire’s lauded Firebug Network Detection and Response solution, seamlessly incorporating ConcealBrowse.

“Integrating Conceal’s unique capabilities complements our foundational ethos,” remarked Tim Jones, Managing Director of Hyprfire. “Conceal’s reputation in proactive web protection makes this partnership a cohesive endeavor. We foresee our combined strengths, from ConcealBrowse’s dynamic web content analysis to our actionable event intelligence and high fidelity network visibility, redefining the cybersecurity paradigm.”

Gordon Lawson, CEO at Conceal, echoed the sentiment, “Conceal’s reputation in proactive web protection makes this partnership a cohesive endeavor. We foresee our combined strengths, from ConcealBrowse’s dynamic web content analysis to our actionable event intelligence, redefining the cybersecurity paradigm.”

“Partnering with Hyprfire’s unique capabilities complements our commitment to providing unparalleled web security,” remarked Gordon Lawson, CEO of Conceal. “Furthermore, this synergy allows us to reach an expansive audience, targeting teams with threats at the edge.”

Together, Conceal’s revolutionary browser security and Hyprfire’s consistent threat-hunting tools offer a formidable defense against evolving online challenges.

About Hyprfire

With a vision centered on democratizing network security, Hyprfire emerges as a beacon in the domain. Recognized for Firebug, their flagship NDR solution, they equip organizations with robust, easily deployable defense mechanisms, sidestepping the complexities that legacy solutions entail. Hyprfire’s commitment to affordability, coupled with a partner-first approach, positions them as a trusted ally in the evolving network security landscape. For those eager to explore further, journey to Hyprfire’s digital abode.

Source: https://www.businesswire.com/news/home/20230913155079/en/Conceal-Announces-Innovative-Collaboration-with-Hyprfire-Augmenting-Network-Defenses-with-Cutting-edge-Browser-Security

Conceal Announces Strategic Partnership with Kompingo: Revolutionizing Web Security with the Next Generation of Protection

Conceal and UK-based Kompingo join forces to fortify web security. ConcealBrowse’s zero-trust browser defense enhances Kompingo’s MDR services, pioneering advanced protection.

August 22, 2023, 09:00 AM Eastern Daylight Time

AUGUSTA, GA –(BUSINESS WIRE)–Conceal, renowned for its pioneering stance against web-based threats, today heralded its significant partnership with Kompingo, the UK’s distinguished value-added distributor and managed security service provider. This collaboration signifies a major enhancement for Kompingo’s Managed Detection and Response (MDR) services, as it integrates Conceal’s patented zero-trust browser security into its offerings.

“As the digital threat landscape rapidly evolves, strengthening our MDR and managed services capabilities remains paramount. Integrating Conceal’s browser security solution aligns perfectly with our ambition to offer our customers top-tier, holistic security solutions,” commented Toby Caton, Director at Kompingo. “Conceal also allows us to offer the product as a stand-alone solution to our growing MSP partners and reseller base for them to enhance their offerings further, too.”

Gordon Lawson, CEO of Conceal, further emphasized the partnership’s potential: “Kompingo’s expertise in managed security services makes them an ideal partner. We’re confident that by infusing ConcealBrowse into their MDR offerings, we can provide users with unprecedented protection from web-centric threats.”

Together, Kompingo’s state-of-the-art Security Operations Centre and ConcealBrowse promise a robust defense against today’s sophisticated web threats. With Kompingo’s AI and machine learning-enhanced operations now complemented by Conceal’s dynamic web content analysis, both organizations are poised to set a new benchmark in cybersecurity.

About Kompingo

Situated at the crossroads of innovation and technology, Kompingo has etched its mark as a leading light in the IT security arena. Famed for its comprehensive managed services, Kompingo is dedicated to incubating IT security start-ups, nurturing technological advancements, and driving growth. Their plethora of services, spanning from co-managed and fully managed offerings to vCISO and penetration testing, makes them an indispensable ally in the cybersecurity domain. With a steadfast dedication to the Cyber Essentials Scheme and their top-notch Managed Detection and Response services, Kompingo remains a name synonymous with excellence.

Conceal Enhances Browser Security in Strategic Partnership with NGS

UK-based NGS boosts its cutting-edge security strategy by integrating ConcealBrowse to protect against ransomware and credential theft with a novel AI engine

August 16, 2023, 09:00 AM Eastern Daylight Time

AUGUSTA, Ga.–(BUSINESS WIRE)–Conceal, a forerunner in defending against web-based attacks, proudly announces its partnership with NGS, the UK’s leading transformative cybersecurity solution provider. Through this collaboration, NGS clients will benefit immensely from Conceal’s patented zero-trust browser solution, fortifying their web protection like never before.

“As the cyber threat landscape evolves, it’s crucial for businesses to be equipped with the most advanced tools to prevent potential breaches,” said Jonathan Lassman, Founder and Director of NGS. “Integrating with Conceal allows us to provide our clients with a first-rate security solution that halts threats at the browser’s doorstep, preventing data compromise and ensuring optimal user experience. We are thrilled about this partnership and ready to set new industry standards.”

Gordon Lawson, CEO of Conceal, shared, “NGS has proven its mettle in the cybersecurity arena, focusing on driving value and prioritizing user experience. This partnership will enable us to jointly address the sophisticated browser-based threats and challenges that modern businesses face. Together, we’ll redefine web security for countless organizations.”

ConcealBrowse stands as a game-changer in the realm of web-browser security. Seamlessly integrating with existing security infrastructures, it offers minimal setup hassle and supplies invaluable telemetry data compatible with SIEMs and popular analytical tools.

About NGS

With its motto, “Be Transformative,” NGS has made significant strides in the cybersecurity world, bridging the gap between emerging technology challenges and security solutions. Through strategic collaborations with top-tier vendors, NGS offers unparalleled security solutions tailored to modern business needs. Their holistic approach, focusing on delivering more for less, has made them a go-to for businesses seeking to bolster their digital defenses without breaking the bank.

ConcealBrowse: Shielding IT Solutions from Stealthy Threats

ConcealBrowse: A Game-Changer for IT Solutions

In the rapidly evolving landscape of IT, staying ahead of threats is paramount. This imperative led to the adoption of ConcealBrowse, an advanced cybersecurity tool. For one IT solution in particular, this investment turned out to be not just prudent but crucial.

Identifying the Threat: The Power of IOCs

Conceal analysts recently zeroed in on a suspicious domain, abukss[.]com, which was isolated by ConcealBrowse on one of the system’s endpoints. The subsequent investigation led to a concerning revelation.

The domain in question was found to be communicating with multiple malicious PDF files. Since its registration on March 15, it has reportedly interacted with a staggering 22 malicious PDFs and one malignant RAR file. Even more intriguing, it was linked to an older domain, emailgoal[.]com, indicating a potential long-standing attack chain.

Through rigorous analysis, several Indicators of Compromise (IOCs) associated with the domain were identified:

DOMAIN: abukss[.]com
DOMAIN: emailgoal[.]com
SHA256 Hashes:
000b57b2e7c…4e3f933ac1f9fbf92aaa852a0c792420
003011e3…439bacca148ca5a78bc52929d772fac

Digging Deeper: The Analysis

Upon closer inspection, the discovery of abukss[.]com’s interactions with a myriad of malicious files underscored the importance of continuous threat intelligence. These findings emphasize the domain’s role as a potential distribution hub for malware.

Furthermore, its association with emailgoal[.]com, a domain with its own dubious track record, hinted at a more extensive, coordinated effort by cyber adversaries. The identified SHA256 hashes serve as unique fingerprints of malicious files, further fortifying the case against the domain.
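
To put the indicators published in this case study and in the threat report above to use, the following added example (not Conceal's code) loads them in their defanged form and sweeps proxy log lines for matches. The log format and every log line are constructed; the two hashes elided with "…" on this page are matched by prefix and suffix only.

```python
import re
from urllib.parse import urlsplit

# Indicators exactly as published on this page (defanged; two hashes are elided).
PAGE_IOCS = [
    "hxxp://survey-smiles[.]com",
    "abukss[.]com",
    "emailgoal[.]com",
    "10dbbd006c5099d6e4f1302ffb0bd95885c0b4caf4107de725b73c08bdb8a39d",
    "000b57b2e7c…4e3f933ac1f9fbf92aaa852a0c792420",
    "003011e3…439bacca148ca5a78bc52929d772fac",
]
HEX = re.compile(r"^[0-9a-f]+$")

def load_indicators(raw):
    """Split defanged indicators into hostnames and (prefix, suffix, exact) hash rules."""
    domains, hashes = set(), []
    for item in (i.strip().lower() for i in raw):
        if "…" in item or HEX.match(item):
            prefix, _, suffix = item.partition("…")
            hashes.append((prefix, suffix, "…" not in item))
        else:
            clean = item.replace("hxxp", "http").replace("[.]", ".").replace(" ", "")
            domains.add(urlsplit(clean if "://" in clean else "//" + clean).hostname)
    return domains, hashes

def domain_hit(host, domains):
    """Match the indicator itself or a subdomain of it, never a look-alike suffix."""
    host = (host or "").lower().rstrip(".")
    return next((d for d in domains if host == d or host.endswith("." + d)), None)

def hash_hit(digest, hashes):
    """Return the indicator as published; a '…' in it marks a partial match to confirm."""
    digest = digest.lower()
    for prefix, suffix, exact in hashes:
        if exact and digest == prefix:
            return prefix
        if (not exact and len(digest) == 64
                and digest.startswith(prefix) and digest.endswith(suffix)):
            return f"{prefix}…{suffix}"
    return None

def scan(log_lines, raw_iocs=PAGE_IOCS):
    """Assumed log format: time client method url status sha256-or-dash."""
    domains, hashes = load_indicators(raw_iocs)
    hits = []
    for line in log_lines:
        ts, client, _method, url, _status, digest = line.split()
        d = domain_hit(urlsplit(url).hostname, domains)
        h = hash_hit(digest, hashes) if digest != "-" else None
        if d or h:
            hits.append({"time": ts, "client": client, "domain": d, "hash": h})
    return hits

# Constructed proxy log; the digest on the fourth line is fabricated filler
# that only shares the published prefix and suffix.
SAMPLE_LOG = [
    "2023-10-02T09:14:03Z 10.0.0.5 GET http://cdn.survey-smiles.com/offer.html 200 -",
    "2023-10-02T09:15:40Z 10.0.0.7 GET https://notabukss.com/ 200 -",
    "2023-10-02T09:16:12Z 10.0.0.7 GET https://abukss.com.files.example/doc.pdf 200 -",
    "2023-10-02T09:17:55Z 10.0.0.9 GET https://files.example/invoice.pdf 200 "
    + "000b57b2e7c" + "a" * 21 + "4e3f933ac1f9fbf92aaa852a0c792420",
    "2023-10-02T09:18:01Z 10.0.0.9 GET https://emailgoal.com/track 302 -",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit on an elided hash is only a candidate: it needs the full digest from the original source before it is treated as confirmed.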

ConcealBrowse’s Isolation Mechanism: A Robust Defense

But how does ConcealBrowse effectively counter such threats? The answer lies in its isolation capability.

When ConcealBrowse identifies a potential cyber threat, it ensures that the malicious site is accessed within a remote, isolated environment. This means that any malicious downloads initiated by the website are instantly blocked. Furthermore, should there be any harmful code present on the site, it gets executed within this sandboxed environment, leaving the user’s actual device untouched and uncompromised.

The Upshot: A Bullet Dodged

Thanks to ConcealBrowse, the IT solution in question remained shielded from a potentially disastrous malware intrusion. By detecting, analyzing, and isolating the threat, the tool prevented what could have been a significant breach.

In conclusion, this stands as a testament to the effectiveness of ConcealBrowse in protecting systems against stealthy and sophisticated cyber threats. The world of IT solutions is rife with potential vulnerabilities, but with tools like ConcealBrowse in the arsenal, these vulnerabilities can be robustly guarded against.